VMWARE: Meltdown and Spectre

Martin 09/01/2018

Due to the new CPU bug, memory can be read by criminals, therefore update your OS and virtuel environments:

Relevant Products

  • VMware vSphere ESXi (ESXi)
  • VMware Workstation Pro / Player (Workstation) excluded Workstation version 14
  • VMware Fusion Pro / Fusion (Fusion) excluded Fusion 10

Solution

  • VMware vSphere 6.5: apply patch¬†ESXi650-201712101-SG¬†(released on Dec, 19th 2017)
  • VMware vSphere 6.0: apply patch ESXi600-201711101-SG
  • VMware vSphere 5.5: apply patch ESXi550-201709101-SG (this patch has remediation against CVE-2017-5715 but not against CVE-2017-5753)
  • VMware Workstation 12.x: update to version 12.5.8
  • VMware Fusion 8: update to version 8.5.9

Esxi 5.0 and 5.1 is no more supported and cannot be patched = UPDATE to newer vSphere edtion asap!!!

Sources:

https://vinfrastructure.it/2018/01/meltdown-spectre-vmware-patches/

https://vinfrastructure.it/2018/01/meltdown-spectre-critical-vulnerabilities-several-processors/

About the Author

Leave a Reply